cassandra-user mailing list archives

From Ted Zlatanov <...@lifelogs.com>
Subject Re: Cassandra access control
Date Thu, 12 Nov 2009 15:51:58 GMT
On Thu, 12 Nov 2009 09:12:56 -0600 Jonathan Ellis <jbellis@gmail.com> wrote: 

JE> 2009/11/12 Ted Zlatanov <tzz@lifelogs.com>:
>> On Wed, 11 Nov 2009 16:14:09 -0800 Anthony Molinaro <anthonym@alumni.caltech.edu> wrote:
>> 
AM> How will authentication work with non-java clients?  I don't think thrift
AM> itself has authentication built in, and it sounds like a java library is
AM> being proposed for the guts.  Will it still be possible to connect from
AM> a non-java client or will the thrift interface be deprecated?
>> 
>> The client will login with a Map<String,String> of login tokens and get
>> an auth token (probably a String containing a UUID) back.  The token
>> will be valid for the duration of the client connection and will grant
>> access to a single keyspace.  Effectively, the token replaces the old
>> Keyspace argument in all Thrift API calls.

JE> I'd really prefer to just keep that around in a threadlocal.  There's
JE> no reason for a client to continue passing a token w/ each call that
JE> the server already knows.

OK.

>> I am thinking of allowing dual operation where if you pass a keyspace
>> name without login, it works on servers that don't have authentication
>> enabled.

JE> The default should definitely be, "don't break people who don't need
JE> the new feature more than necessary."  So the default should be
JE> "accept any client to any keyspace."

Hmm, I thought we were going to limit access to a single keyspace upon
login.  You want to keep allowing multiple keyspaces?  That would leave
the existing API intact (only adding a login function) but requires an
extra authorization check every time a keyspace is given.  Do we expire
authorizations after a certain time?

Ted
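
The two options discussed in this message, sketched as an added example that is not part of the original thread or Cassandra's code: login state kept per connection in a ThreadLocal rather than a token passed on each call, with an authorization check whenever a keyspace is named and an allow-all default when authentication is off. All class and method names are hypothetical, and the sketch assumes one server thread per client connection.

```java
import java.util.Map;
import java.util.Set;

// Added illustration; every name here is hypothetical, not Cassandra's API.
public class KeyspaceAccessSketch {
    interface Authenticator { // returns the keyspaces granted, or throws
        Set<String> login(Map<String, String> credentials);
    }

    private final Authenticator authenticator; // null = authentication disabled
    // Assumes one server thread per client connection, so thread-local state
    // is per-connection state and the client never resends a token.
    private final ThreadLocal<Set<String>> granted = new ThreadLocal<>();

    KeyspaceAccessSketch(Authenticator authenticator) { this.authenticator = authenticator; }

    void login(Map<String, String> credentials) {
        if (authenticator != null) granted.set(authenticator.login(credentials));
    }

    // The extra check run by every call that names a keyspace.
    void checkAccess(String keyspace) {
        if (authenticator == null) return; // default: any client, any keyspace
        Set<String> allowed = granted.get();
        if (allowed == null || !allowed.contains(keyspace))
            throw new SecurityException("not authorized for keyspace " + keyspace);
    }

    // Must run when the connection closes, because pooled threads are reused.
    void logout() { granted.remove(); }

    public static void main(String[] args) {
        new KeyspaceAccessSketch(null).checkAccess("Keyspace1"); // authentication disabled
        // Constructed credentials; a real authenticator would verify a stored hash.
        KeyspaceAccessSketch secured = new KeyspaceAccessSketch(creds -> {
            if (!"s3cret".equals(creds.get("password")))
                throw new SecurityException("login failed");
            return Set.of("Keyspace1");
        });
        secured.login(Map.of("username", "alice", "password", "s3cret"));
        secured.checkAccess("Keyspace1"); // keyspace granted at login
        try {
            secured.checkAccess("Keyspace2");
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        } finally {
            secured.logout();
        }
    }
}
```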